def test_saved_searches(self):
log = logging.getLogger('%s.%s' % (__name__, "SavedSearches"))
instance_config = SplunkInstanceConfig(
{
'url': 'dummy',
'authentication': {
'basic_auth': {
'username': "******",
'password': "******"
}
}
}, {}, {
'default_request_timeout_seconds': 5,
'default_search_max_retry_count': 3,
'default_search_seconds_between_retries': 1,
'default_verify_ssl_certificate': False,
'default_batch_size': 1000,
'default_saved_searches_parallel': 3,
'default_unique_key_fields': ["_bkt", "_cd"],
'default_app': 'default',
'default_parameters': {}
})
saved_search_components = SplunkSavedSearch(instance_config, {
"name": "components",
"parameters": {}
})
saved_search_match = SplunkSavedSearch(instance_config, {
"match": "comp.*",
"parameters": {}
})
saved_searches = SavedSearches(
[saved_search_components, saved_search_match])
# Base configuration includes the exactly specified search
saved_searches.update_searches(log, [])
self.assertEquals([s.name for s in saved_searches.searches],
["components"])
# This should not change anything
saved_searches.update_searches(log, ["components"])
self.assertEquals([s.name for s in saved_searches.searches],
["components"])
# Adding two component-like searches
saved_searches.update_searches(log,
["comps1", "comps2", "blaat", "nocomp"])
self.assertEquals(set([s.name for s in saved_searches.searches]),
set(["components", "comps1", "comps2"]))
# And remove again
saved_searches.update_searches(log, [])
self.assertEquals([s.name for s in saved_searches.searches],
["components"])
def test_splunk_dispatch(self):
username = "******"
appname = "myapp"
instance_config = SplunkInstanceConfig(
{
'url': 'dummy',
'authentication': {
'basic_auth': {
'username': "******",
'password': "******"
}
}
}, {}, {
'default_request_timeout_seconds': 5,
'default_search_max_retry_count': 3,
'default_search_seconds_between_retries': 1,
'default_verify_ssl_certificate': False,
'default_batch_size': 1000,
'default_saved_searches_parallel': 3,
'default_unique_key_fields': ["_bkt", "_cd"],
'default_app': 'default',
'default_parameters': {}
})
splunk_helper = SplunkHelper(instance_config)
saved_search = SplunkSavedSearch(instance_config, {
"name": "search",
"parameters": {}
})
params = {"key1": "val1", "key2": "val2"}
def _mocked_do_post(*args, **kwargs):
self.assertEquals(args,
('/servicesNS/%s/%s/saved/searches/%s/dispatch' %
(username, appname, quote(saved_search.name)),
params, 5, 'true'))
class MockedResponse():
def json(self):
return {"sid": "zesid"}
return MockedResponse()
setattr(splunk_helper, "_do_post", _mocked_do_post)
res = splunk_helper.dispatch(saved_search, username, appname, 'true',
params)
self.assertEquals(res, "zesid")
def test_splunk_helper(self):
instance_config = SplunkInstanceConfig(
{
'url': 'dummy',
'authentication': {
'basic_auth': {
'username': "******",
'password': "******"
}
}
}, {}, {
'default_request_timeout_seconds': 5,
'default_search_max_retry_count': 3,
'default_search_seconds_between_retries': 1,
'default_verify_ssl_certificate': False,
'default_batch_size': 1000,
'default_saved_searches_parallel': 3,
'default_unique_key_fields': ["_bkt", "_cd"],
'default_app': 'default',
'default_parameters': {}
})
splunk_helper = SplunkHelper(instance_config)
saved_search = SplunkSavedSearch(instance_config, {
"name": "search",
"parameters": {}
})
search_offsets = []
def _mocked_search_chunk(*args, **kwargs):
search_offsets.append(args[2])
if args[2] == 4000:
return {"messages": [], "results": []}
else:
return {
"messages": [],
"results": list(itertools.repeat(None, 1000))
}
setattr(splunk_helper, "_search_chunk", _mocked_search_chunk)
res = splunk_helper.saved_search_results("id", saved_search)
self.assertEquals(len(res), 5)
self.assertEquals(search_offsets, [0, 1000, 2000, 3000, 4000])